Skip to main content
CVE-2026-0642 LOW POC Monitor

House Rental And Property Listing Project versions up to 1.0 is affected by cross-site scripting (xss) (CVSS 2.4).

PHP XSS
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2025-11235 LOW Monitor

Unverified Password Change vulnerability in Progress MOVEit Transfer on Windows (REST API modules).This issue affects MOVEit Transfer: from 2023.1.0 before 2023.1.3, from 2023.0.0 before 2023.0.8, from 2022.1.0 before 2022.1.11, from 2022.0.0 before 2022.0.10. [CVSS 3.7 LOW]

Windows
NVD VulDB
CVSS 3.1
3.7
EPSS
0.0%
CVE-2025-31963 LOW Monitor

Bigfix Insights For Vulnerability Remediation versions up to 4.2 is affected by missing authentication for critical function (CVSS 2.9).

CSRF Bigfix Insights For Vulnerability Remediation
NVD
CVSS 3.1
2.9
EPSS
0.0%
CVE-2025-12958 LOW Monitor

Rankology SEO and Analytics Tool (WordPress plugin) is affected by improper authorization (CVSS 2.7).

WordPress Authentication Bypass
NVD
CVSS 3.1
2.7
EPSS
0.0%
CVE-2025-31964 LOW Monitor

Bigfix Insights For Vulnerability Remediation versions up to 4.2 is affected by information exposure (CVSS 2.2).

Information Disclosure Bigfix Insights For Vulnerability Remediation
NVD
CVSS 3.1
2.2
EPSS
0.0%
CVE-2026-0649 LOW Monitor

Server-side request forgery in InvoiceNinja up to version 5.12.38 allows remote attackers with high privileges to manipulate the company_logo parameter during migration imports, enabling them to make arbitrary outbound requests from the affected server. Public exploit code is available and the vendor has not provided a patch or response to this disclosure. The vulnerability affects PHP and Golang environments with a CVSS score of 4.7.

PHP SSRF
NVD VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-31962 LOW Monitor

Bigfix Insights For Vulnerability Remediation versions up to 4.2 is affected by insufficient session expiration (CVSS 2.0).

Authentication Bypass Bigfix Insights For Vulnerability Remediation
NVD
CVSS 3.1
2.0
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy